Cyberattacks Against Auto Industry Rise Becoming More Costly
Cyberattacks against various elements of the auto industry have risen sharply last year, as hackers become more sophisticated, according to a new report from cybersecurity company Upstream. The rolling computers our cars and trucks have become, the companies that produce them and dealers who sell them have come under a sharp increase in costly cyberattacks.
In 2024, 60% of cybersecurity incidents in the automotive and smart mobility sectors affected thousands to millions of mobility assets, including vehicles, EV charging stations, smart mobility apps, and connected devices, the 2025 Global Automotive and Smart Mobility Cybersecurity Report by Upstream revealed. In particular, massive-scale incidents, each impacting millions of vehicles, more than tripled, rising from 5% in 2023 to 19% in 2024, according to the report.
Chart from Upstream report showing sharp increase in "high-massive" impact cybersecurity attacks against the auto industry in 2024. Indeed, massive-scale incidents continued to increase between 2023 and 2024, accounting for nearly 60% of all incidents, the report revealed.
"These threat actors are looking for what's the best leverage I have to get you to pay me. If that's now, I can impact millions of vehicles. I can impact your reputation. I can impact your business," said Jason Masker, director of solutions architecture at Upstream, in an interview on the sidelines of a cybersecurity conference in Dearborn, Michigan this week.
The attacks have grown far beyond simply hacking into a vehicle's controls, although that's still a threat. The report cites a discovery by Duke University researchers that radar used to adjust proper separation of vehicles when adaptive cruise control is in use can be attacked with potentially disastrous results. "This type of attack can be used to fool adaptive cruise control systems that use radar, into thinking the car in front of it is speeding up, when it is not, resulting in a frontal collision," the report warned.
Other types of cyberattacks cited included: Chart from Upstream report on breakdown of auto-related cybersecurity attacks in 2024. Auto dealers were especially vulnerable to costly cyberattacks. In one incident cited by the report, a major ransomware attack against a major dealership management software provider affecting 15,000 dealerships, led to a three-week service outage, over $1 billion in economic damage and a $25 million ransom demand.
The Anderson Economic Group-AEG, estimated that total direct losses to franchised auto dealers reached $1.02 billion," according to the report. AEG's figure includes lost earnings from the approximately 56,000 new unit sales the company estimated were lost during the three-week period, lost earnings on used car sales, lost earnings on parts and service, additional staffing and IT service costs and additional floor plan interest costs on inventory.
The breadth of effort by so-called “black hat” attackers continues to grow, including invading or disabling the computer systems that track commercial truck drivers' legally-mandated service logs until a ransom is paid, basically shutting down operations. "They're learning from every interaction, from every impact," noted Masker. “If we didn't get paid out enough that time, maybe we'll go a little further and do something kind of malicious. So we have people in those forums."
Experts quoted in the report all expect the incidences of cyberattacks against the auto industry to increase this year affecting everything from connected electric vehicle battery charging networks to manufacturing operations.
The motivation for the attacks remains simple, according to Masker.